Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2022-23130

UNKNOWN
Published 2022-01-21T18:17:30
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2022-23130. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01), ICONICS GENESIS64 versions 10.97 and prior and ICONICS Hyper Historian versions 10.97 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64 or MC Works64 and execute commands against the database from GENESIS64 or MC Works64.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-9q64-8g8h-wr27

Advisory Details

Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A (10.95.201.23) to 4.04E (10.95.210.01), ICONICS GENESIS64 versions 10.97 and prior and ICONICS Hyper Historian versions 10.97 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64 or MC Works64 and execute commands against the database from GENESIS64 or MC Works64.

CVSS Scoring

CVSS Score

5.0

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-23130
WEB https://jvn.jp/vu/JVNVU95403720/index.html
WEB https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01
WEB https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf

Advisory provided by GitHub Security Advisory Database. Published: January 22, 2022, Modified: January 28, 2022

References

https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-028_en.pdf
https://jvn.jp/vu/JVNVU95403720/index.html
https://us-cert.cisa.gov/ics/advisories/icsa-22-020-01
Published: 2022-01-21T18:17:30
Last Modified: 2024-08-03T03:36:19.772Z
Copied to clipboard!